Securing SQL Server

By Lisa Vaas  |  Posted 2004-02-25 Print this article Print

While customers await Yukon, however, SQL Server itself has been getting more secure, Rizzo said. Microsoft has been spending extra money on security, as executives acknowledged during the companys second-quarter financial conference call, with much of the funds getting pumped into educating developers and customers. One security-related educational venture has been the recent launch of the new Security Guidance Center on Microsofts TechNet site. Launched about two weeks ago, the Center is a portal for all things security-related that might concern SQL Server customers. Security-related funds are also going to other initiatives, including Webcasts, written articles and other educational ventures for outside partners and customers, Rizzo said. Rizzo also pointed to Microsofts automated Baseline Security Analyzer tool as proof that the company is helping customers to secure SQL Server. Released some two years ago, this free tool seeks out unpatched Windows systems and applications on networks, then tells users what they need and where to find patches. Finally, the company is aiming to come out with a SQL Server-specific update feature similar to its current Windows Update, which notifies users when patches or drivers are available, though a release date has yet to be determined.
Customers are clamoring for such a feature in hopes that it could protect them from catastrophes such as that wrought by Slammer. Slammer, a SQL Server worm that brought down the Internet some 13 months ago, preyed on machines that lacked a patch that had been available for some time. As a result, many small to medium-sized businesses with small and/or overworked IT staffs voiced need for some help with patch management.
To find out how patch mismanagement fueled Slammer, click here. Next page: More people, more strategy around adding features.

Lisa Vaas is News Editor/Operations for and also serves as editor of the Database topic center. Since 1995, she has also been a Webcast news show anchorperson and a reporter covering the IT industry. She has focused on customer relationship management technology, IT salaries and careers, effects of the H1-B visa on the technology workforce, wireless technology, security, and, most recently, databases and the technologies that touch upon them. Her articles have appeared in eWEEK's print edition, on, and in the startup IT magazine PC Connection. Prior to becoming a journalist, Vaas experienced an array of eye-opening careers, including driving a cab in Boston, photographing cranky babies in shopping malls, selling cameras, typography and computer training. She stopped a hair short of finishing an M.A. in English at the University of Massachusetts in Boston. She earned a B.S. in Communications from Emerson College. She runs two open-mic reading series in Boston and currently keeps bees in her home in Mashpee, Mass.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel